<?php

/*
 * This file will perform the ajax for adding an attachment information in a location.
 * 
 * Created by: Peter Agno Jr.
 * Date created: Octber 22, 2011
 * 
 * In parameters: documentId
 * Out parameters: document information
 */

// Start - Checker for those users who will just go to the page by typing directly in the url.
if ($_POST) { 
    include('../includes/siteConfig.php'); 

    // connect to database
    $connect = mysql_connect($hostName,$rootName,$dBasePassword) or die ('Unable to connect!');
    mysql_select_db($dBaseName) or die ('Unable to select database!');

    $documentId = $_POST['documentId'];
    $scrnPostn = $_POST['scrnPostn'];
    
    // Get the document information needed for the attachment
    $query =
        "   
            SELECT attachmentId, mainDocumentId, documentSetupId, A.userId as userId, documentName, firstName, middleName, lastName
            FROM
                (SELECT *
                FROM
                    (SELECT attachmentId, mainDocumentId, A.documentSetupId as documentSetupId, location as userId, documentName
                    FROM Attachment as A
                    LEFT JOIN DocumentSetup as DS
                    ON A.documentSetupId = DS.documentSetupId) as DocInfo
                WHERE DocInfo.attachmentId = '$documentId') as NoName
            LEFT JOIN Account as A
            ON NoName.userId = A.userId
        ";
    $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
    $row = mysql_fetch_array($result);
    
    // Start adding the document information
    $docInfo = 
        "
            <span class='screenlet'>Document Information</span>
            <table>
                <tr></tr>
                <tr><td>Document Type : </td><td>Attachment</td></tr>
                <tr><td>Document Name : </td><td>".$row['documentName']."</td></tr>
                <tr><td>Document ID : </td><td><input type='hidden' name='attachmentId_".$scrnPostn."' id='attachmentId_".$scrnPostn."' value=".$documentId." />".$documentId."</td></tr>
                <tr><td>Document Labels : </td><td>
        ";
    
    // Add labels
    $labelQuery =
        "
            SELECT label
            FROM Document_Label as DL, Label as L
            WHERE documentId = '$documentId' AND DL.labelId = L.labelId
            ORDER BY label
        ";
    
    $labelResult = mysql_query($labelQuery) or die ('Error in query: $labelQuery. ' . mysql_error());

    // $totalLabel will be used for the commas of labels
    $totalLabel = mysql_num_rows($labelResult);
    $count = 1;
    
    while ( $labelRow = mysql_fetch_array($labelResult) ) {
        $docInfo = $docInfo . $labelRow['label'];

        if ( $count < $totalLabel ) 
            $docInfo = $docInfo . ", ";

        $count++;
    }
    mysql_free_result($labelResult);
    
    // Add Status
    $docInfo = $docInfo . "</td></tr><tr><td>Main Document : </td><td>";
    if ( $row['mainDocumentId'] != '' )     
        $docInfo = $docInfo . $row['mainDocumentId'];
//        $docInfo = $docInfo . "Attached to ".$row['mainDocumentId'];
//    else
//        $docInfo = $docInfo . "Detached";
    
    // Add Location
    $docInfo = $docInfo . "</td></tr><tr><td>Location : </td><td>";
    
    // FULL NAME
    if ( $row['userId'] == NULL ) {
        // Get the exAccName
        $exAccQuery = 
            "
                SELECT exAccName
                FROM Sent_Attachment as SA, ExternalAccount as EA
                WHERE SA.documentId = '$documentId' AND SA.orgFlag = 'External'
                    AND SA.receiverId = EA.exAccId
            ";
        
        $exAccResult = mysql_query($exAccQuery) or die ('Error in query: $exAccQuery. ' . mysql_error());
        $exAccRow = mysql_fetch_array($exAccResult);
        $docInfo = $docInfo . $exAccRow['exAccName'] . " ";
    }
    else {
        if( $row['firstName'] != NULL )
            $docInfo = $docInfo . $row['firstName'] . " ";
        else
            $docInfo = $docInfo . " ";

        if( $row['middleName'] != NULL )
            $docInfo = $docInfo . $row['middleName'] . " ";
        else
            $docInfo = $docInfo . " ";

        if( $row['lastName'] != NULL )
            $docInfo = $docInfo . $row['lastName'] . " ";
        else
            $docInfo = $docInfo . " ";
    }
    
    // Start - Displaying Department - Position
    $docInfo = $docInfo . "</td></tr>";
    $userId = $row['userId'];
    $deptPosQuery =
        "
            SELECT departmentName, positionName
            FROM Account_Dept_Pos as ADP, Department_Position as DP, Department as D, Position as P
            WHERE ADP.userId = '$userId'
                AND ADP.deptPosId = DP.deptPosId
                AND DP.departmentId = D.departmentId 
                AND DP.positionId = P.positionId
        ";

    $deptPosResult = mysql_query($deptPosQuery) or die ('Error in query: $deptPosQuery. ' . mysql_error());
    
    if ( mysql_num_rows($deptPosResult) != 0 ) {
        if ( mysql_num_rows($deptPosResult) > 1 ) {
            // User has multiple positions
            $firstRow = true;
            $docInfo = $docInfo . "<ol style='padding-left: 8.5%;'>";
            while ( $deptPosRow = mysql_fetch_array($deptPosResult) ) {
                if ( $firstRow == true ) {
                    $firstRow = false;
                    $docInfo = $docInfo . "<tr><td>Department - Position : </td><td>";
                }
                else
                    $docInfo = $docInfo . "<tr><td></td><td>";

                $docInfo = $docInfo . "<li>".$deptPosRow['departmentName'] . " - " . $deptPosRow['positionName']."</li></td></tr>";
            }
            $docInfo = $docInfo . "</ol>";
        }
        else {
            // User has only 1 position
            $deptPosRow = mysql_fetch_array($deptPosResult);
            $docInfo = $docInfo . "<tr><td>Department : </td><td>".$deptPosRow['departmentName']."</td></tr>";
            $docInfo = $docInfo . "<tr><td>Position : </td><td>".$deptPosRow['positionName']."</td></tr>";
        }
    }
    else {
        // No display if outside the organization
    }
    
    mysql_free_result($deptPosResult);
    
    // End adding
    $docInfo = $docInfo . "</table>";
    
    $feed['docInfo'] = $docInfo;    
    echo json_encode($feed);
    
    // free result and close database
    mysql_free_result($result);
    mysql_close($connect);
}   // End - Checker for those users who will just go to the page by typing directly in the url.
else {
 echo "You are not authorized to view this page. This incident will be reported immediately.";
}
?>
